Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

ISVs & Salesforce: How to be compliant with GDPR


Published on

Great overview deck from Dreamforce 2017 for ISVs needing to be compliant with GDPR. Great reference for almost anyone in a regulated industry

Published in: Business
  • Be the first to comment

ISVs & Salesforce: How to be compliant with GDPR

  1. 1. ISV’s & Salesforce: GDPR Perspectives and Discussion ​ Your Salesforce Readiness Guide Dreamforce 2017
  2. 2. Forward-Looking Statements ​This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services. ​The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any litigation, risks associated with completed and any possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of, inc. is included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly report on Form 10-Q for the most recent fiscal quarter. These documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site. ​Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available., inc. assumes no obligation and does not intend to update these forward-looking statements. ​Statement under the Private Securities Litigation Reform Act of 1995
  3. 3. Let’s Talk GDPR Salman Malik COO, Products Salesforce Lindsey Finch SVP Global Privacy, Salesforce ** Confidential **
  4. 4. What is GDPR? Restriction of Processing Legal Basis for Processing Right to be Forgotten Security Accuracy & Portability Transparency
  5. 5. The Purpose of GDPR ​Delivering Security and Data Privacy to all Accountability Security Individual Rights Prevent unauthorized access Be transparent and take ownership Preserve individual’s privacy while delivering products and services
  6. 6. Our Salesforce Trust Commitment Building a GDPR partnership for lasting success ** Confidential ** Training and Guidance Trails & peer-to-peer events to learn from top experts Customer Success Enable our customers to build trusted relationship Product Innovation Redefining how to manage & protect customer data Ongoing Collaboration Alignment with data protection authorities & customers Security & Compliance At the core of everything we do & build
  7. 7. A Proven History of Ensuring Data Privacy and Trust for All ​Building a GDPR partnership for lasting success Salesforce's privacy program meets highest industry standards October 2015 November 2015 August 2016 Response to Safe Harbor Invalidation EU-U.S. Privacy Shield Certification Binding Corporate Rules Approved
  8. 8. Today’s GDPR Challenge ​ What’s holding you back? 86% of  organizations  are  concerned    that  not   adhering  to  GDPR  will  have  major  negative   impacts  on  their  business Trusted Customer Relationships
  9. 9. The Bedrock of the Salesforce Platform ArtificialIntelligence UserExperience Data ComplexIntegrations Identity Trust&Security Analytics Developer Skills Network&Firewall Metadata Predictive Marketing Predictive Service Unified Commerce Faster Collaboration Faster Results Guided Sales Smart Apps
  10. 10. Put the Customer at the Center “Stop processing my data” “Get my permission” “Delete my data” “Prevent unauthorized access to my data” “Update my data. Give me a copy of my data” “Tell me about your data protection practices”
  11. 11. Your Platform for Customer Success and GDPR Readiness SALESFORCE PLATFORM Trusted Customer Relationships ​The bridge to compliance & trusted customer relationships 86% of  organizations  are  concerned    that  not   adhering  to  GDPR  will  have  major  negative   impacts  on  their  business
  12. 12. Building a GDPR roadmap for lasting success GDPR Product Innovation Journey Salesforce GDPR Product Roadmap 2016 Spring ‘18 CONDUCT GAP ANALYSES/ DESIGN SOLUTIONS Complete VALIDATE SOLUTIONS WITH CUSTOMERS ENHANCED GDPR RELEASE DEFINE SCOPE & GDPR POLICIES Complete ADDITIONAL GDPR RELEASES GDPR Compliance May 25, 2018 Over 200 people across Engineering, Product Management, Strategy and Legal have been working on our Salesforce GDPR strategy. Today our products meet a majority of the GDPR requirements – and we are validating our approach with our customers.
  13. 13. Salesforce Accelerates Your GDPR Readiness Restriction Flag (coming 2018) Preference Management Consent Object (coming 2018) Salesforce Infrastructure & Shield Security Granular Update & Export Controls Granular Deletion Controls Trust & Compliance Documentation
  14. 14. Consistent and Extensible Consent New Standard Entity to Store “Data Subject” Consent Represents consent across the several roles a person can play Provides customers and Partners building blocks to implement custom consent regimes
  15. 15. Consistent and Extensible Consent New Standard Object Org Preference with Field History Tracking Look-up from Contact, Person, Account, Lead, and User objects Can be associated with custom objects as well(1:n Relationship) Consent and Intent includes: Block geolocation tracking Don’t process Don’t profile Don’t solicit Don’t track Export individual’s data Forget this individual OK to store personal data elsewhere
  16. 16. Japan’s Act on the Protection of Personal Information (APPI) EU ePrivacy Regulation & Directive on Security of Network & Information Systems (NIS) US Health Insurance Portability and Accountability (HIPAA) Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) Looking Beyond GDPR Salesforce Innovation to Match the Growth of Regulation Consistent and extensible consent Contact deletion framework Standardized indications of intent Session anomaly detection Bring Your Own Key and Filter Preserving encryption ** Confidential **
  17. 17. Salesforce Resources to Guide Your GDPR Journey DF Trail map, Website, Whitepapers, GDPR Trailhead, and more…. Txt GDPR to 805-65
  18. 18. Panel Tod Nielsen CEO, OwnBackup Sam Gutmann CEO, FinancialForce CMO, Kimble VP, Identity Product Management, Salesforce Mark Robinson Ian Glazer ** Confidential ** Ian Gotts Founder & CEO